Watch out if you get email messages with attachments named like “Financial_Statement.exe” or “Postal_document.exe” – they mean trouble.

During these past few days we’ve seen here at BitDefender millions of spam messages either bundled with malware or containing a dangerous link. In this particular case I chose to present here, cyber-crooks tried to con the users by exploiting the natural and justified concern for their financial situation, serving them unsafe though extremely appealing attachments.

So, all in the name of money deposited in bank accounts and goods delivered via the postal service, there have been circulating e-mails with attached financial statements or postal documents. These are basically two facets of the same piece of malware – a downloader (identified by BitDefender asTrojan.Generic.KDV.280912) masquerading a Microsoft Word icon but bearing an .exe extension.

Earlier today, BitDefender has detected a new spam wave claiming to originate from one of the most visited portals in the country and informing the recipient about rap star Eminem being shot dead in Detroit.

The unsolicited message also contains a link to an alleged “Full story”, but instead, when clicked, takes the user to a malicious file. In order to trick the user into running it, the downloaded file bears a double extension (jpg.exe) and an icon that resembles a thumbnail of Eminem’s picture. If clicked, the executable file installs a backdoor (identified by BitDefender as Trojan.Zapchast.NBF).

There have been a number of high-profile security breaches in the last few months that have exposed the email addresses of millions of users. In December, Gawker Media's servers were hacked, and over 500,000 email accounts were compromised, and in April, Epsilon, one of the largest email marketing companies announced that its database had been breached. Epsilon said the breach was limited to only 2% of its clients - only about 50 companies. But those 50 companies include Citigroup, Capital One, Walgreen, Best Buy, Target, Hilton, Kroger, Tivo, Disney, The College Board and Marriot.

Rogue programs, fake antiviruses, fake security scans, fake antispyware, etc. are one of the most popular infections today.

Most of the users think these are real security products and that they do good job. And of course most of the users enters credit card details and "purchases" one of these antiviruses. And also there is huge possibility that you will be charged much more than the price declared in the shopping cart. As the time goes, these rogue antivirus and antispyware programs look more and more professional. They even tries to copy the interface of some real Antivirus or antispyware product. And also they usually come in families where the same program has more than one name. for example: "Windows recovery", "Windows xp recovery", "windows diagnostic", "windows vista recovery" is the same program with different names.

A new report of security company Symantec says that global spam is at its lowest levels since 2008. The geographic center of spammed accounts has also shifted from Russia to Saudi Arabia. Worldwide spam is now down to one in every 1.37 emails. In the United States, spam accounts for 73.7% of all emails.

Spam levels are now the lowest they have been since McColo, a California-based ISP spam control center, was taken down in 2008. That is, in part, due to the shutdown of the spam-sending botnet Rustock in March 2011. Spam, phishing, viruses and other types of malware are all still major problems in the Internet ecosystem but it looks like progress is being made against the botnets and those that control them.